Cannot modify "Access Settings" such as "SSH Login" and "Bash Shell" through VAMI (https://vcsa:5480) by a newly created SSO account.
search cancel

Cannot modify "Access Settings" such as "SSH Login" and "Bash Shell" through VAMI (https://vcsa:5480) by a newly created SSO account.

book

Article ID: 378611

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

Can't modify some settings ("SSH Login" or "Bash Shell") in VAMI (vCenter Appliance Management Interface) by a newly created SSO account (not builtin account such as [email protected]) . 

Error is thrown such as "Unable to authorize user". 

Environment

vCenter Server Appliance.

Cause

VAMI (backed by appliance management) authorization module has an own authentication based on local account (such as 'root' for example) and privileges so it is not straightforward to map SSO group to local VAMI privileges.

But 'SystemConfiguraiton.BashShellAdministrators' SSO group has a complete privileges to access local config in a VCSA through VAMI.

Resolution

Adding your created SSO account into the builtin SSO group "SystemConfiguration.BashShellAdministrators".


SystemConfiguration.BashShellAdministrator has an enough privilege to modify accessing VCSA configuration. (not for Objects managed by vCenter server. )

Powered by Wolken Software